What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-04-15 14:19:20 | Popular NFT marketplace Rarible targeted by scammers and malware (lien direct) | Nothing attracts a scammer more than money, and with the NFT craze generating a ton of sales, threat actors are trying to capitalize on it. [...] | Malware Threat | ||
|
2021-04-13 14:17:12 | New Linux, macOS malware hidden in fake Browserify NPM package (lien direct) | A new malicious package been spotted this week on the npm registry, which targets NodeJS developers using Linux and Apple macOS operating systems for its recon activities. The malicious package is called "web-browserify." It imitates the popular Browserify npm component, downloaded over 160 million times over its lifetime. [...] | Malware | ||
|
2021-04-13 11:38:23 | QBot malware is back replacing IcedID in malspam campaigns (lien direct) | Malware distributors are rotating payloads once again, switching between trojans that are many times an intermediary stage in a longer infection chain. [...] | Malware | ||
|
2021-04-10 15:20:21 | Joker malware infects over 500,000 Huawei Android devices (lien direct) | More than 500,000 Huawei users have downloaded from the company's official Android store applications infected with Joker malware that subscribes to premium mobile services. [...] | Malware | ||
|
2021-04-10 10:40:00 | Android malware found embedded in APKPure store application (lien direct) | Security researchers found malware embedded within the official application of APKPure, a popular third-party Android app store and an alternative to Google's official Play Store. [...] | Malware | ||
|
2021-04-09 13:55:00 | Attackers deliver legal threats, IcedID malware via contact forms (lien direct) | Threat actors are using legitimate corporate contact forms to send phishing emails that threaten enterprise targets with lawsuits and attempt to infect them with the IcedID info-stealing malware. [...] | Malware Threat | ||
|
2021-04-08 09:01:17 | North Korean hackers use new Vyveva malware to attack freighters (lien direct) | The North Korean-backed Lazarus hacking group used new malware with backdoor capabilities dubbed Vyveva by ESET researchers in targeted attacks against a South African freight logistics company. [...] | Malware | APT 38 APT 28 | |
|
2021-04-07 11:36:59 | Gigaset Android phones infected by malware via hacked update server (lien direct) | Owners of Gigaset Android phones have been repeatedly infected with malware since the end of March after threat actors compromised the vendor's update server in a supply-chain attack. [...] | Malware Threat | ||
|
2021-04-07 06:00:00 | Android malware infects wannabe Netflix thieves via WhatsApp (lien direct) | Newly discovered Android malware found on Google's Play Store disguised as a Netflix tool is designed to auto-spread to other devices using WhatsApp auto-replies to incoming messages. [...] | Malware Tool | ||
|
2021-04-03 18:40:12 | Malware attack is preventing car inspections in eight US states (lien direct) | A malware cyberattack on emissions testing company Applus Technologies is preventing vehicle inspections in eight states, including Connecticut, Georgia, Idaho, Illinois, Massachusetts, Utah, and Wisconsin. [...] | Malware | ||
|
2021-03-31 13:05:58 | BazarCall malware uses malicious call centers to infect victims (lien direct) | For the past two months, security researchers have been waging an online battle against a new 'BazarCall' malware that uses call centers to distribute some of the most damaging Windows malware. [...] | Malware | ||
|
2021-03-31 12:31:49 | Malware hidden in game cheats and mods used to target gamers (lien direct) | Threat actors target gamers with backdoored game tweaks and cheats hiding malware capable of stealing information from their systems after infection. [...] | Malware Threat | ||
|
2021-03-31 07:55:47 | (Déjà vu) Fake jQuery files infect WordPress sites with malware (lien direct) | Researchers have spotted counterfeit versions of the jQuery Migrate plugin injected on dozens of websites which contains obfuscated code to load malware. These files are named jquery-migrate.js & jquery-migrate.min.js and present at the exact locations where JavaScript files are normally present on WordPress sites but are malicious. [...] | Malware | ||
|
2021-03-31 07:55:47 | Fake jQuery files load obfuscated malware on WordPress sites (lien direct) | Researchers have spotted counterfeit versions of the jQuery Migrate plugin injected on dozens of websites which contains obfuscated code to load malware. These files are named jquery-migrate.js & jquery-migrate.min.js and present at the exact locations where JavaScript files are normally present on WordPress sites but are malicious. [...] | Malware | ||
|
2021-03-27 01:00:00 | New Android malware spies on you while posing as a System Update (lien direct) | New malware with extensive spyware capabilities steals data from infected Android devices and is designed to automatically trigger whenever new info is read to be exfiltrated. [...] | Malware | ||
|
2021-03-24 16:17:42 | Facebook blocks Chinese state hackers targeting Uyghur activists (lien direct) | Facebook took down accounts used by a Chinese-sponsored hacking group to deploy surveillance malware on devices used by Uyghurs activists, journalists, and dissidents living outside China. [...] | Malware | ||
|
2021-03-23 16:54:30 | Purple Fox malware worms its way into exposed Windows systems (lien direct) | Purple Fox, a malware previously distributed via exploit kits and phishing emails, has now added a worm module that allows it to scan for and infect Windows systems reachable over the Internet in ongoing attacks. [...] | Malware | ★★★★★ | |
|
2021-03-19 09:05:00 | Russian pleads guilty to Tesla hacking and extortion attempt (lien direct) | Russian national Egor Igorevich Kriuchkov has pleaded guilty to recruiting a Tesla employee to plant malware designed to steal data within the network of Tesla's Nevada Gigafactory. [...] | Malware Guideline | ||
|
2021-03-18 14:20:34 | New CopperStealer malware steals Google, Apple, Facebook accounts (lien direct) | Previously undocumented account-stealing malware distributed via fake software crack sites targets the users of major service providers, including Google, Facebook, Amazon, and Apple. [...] | Malware | ||
|
2021-03-18 11:58:03 | US taxpayers targeted with RAT malware in ongoing phishing attacks (lien direct) | US taxpayers are being targeted by phishing attacks attempting to take over their computers using malware and steal sensitive personal and financial information. [...] | Malware | ||
|
2021-03-18 10:47:22 | New XcodeSpy malware targets iOS devs in supply-chain attack (lien direct) | A malicious Xcode project known as XcodeSpy is targeting iOS devs in a supply-chain attack to install a macOS backdoor on the developer's computer. [...] | Malware | ||
|
2021-03-16 12:53:25 | Mimecast: SolarWinds hackers used Sunburst malware for initial intrusion (lien direct) | Email security company Mimecast has confirmed today that the state-sponsored SolarWinds hackers who breached its network earlier this year used the Sunburst backdoor during the initial intrusion. [...] | Malware | Solardwinds Solardwinds | |
|
2021-03-12 13:20:18 | Microsoft Exchange exploits now used by cryptomining malware (lien direct) | The operators of Lemon_Duck, a cryptomining botnet that targets enterprise networks, are now using Microsoft Exchange ProxyLogon exploits in attacks against unpatched servers. [...] | Malware | ||
|
2021-03-12 11:14:54 | New ZHtrap botnet malware deploys honeypots to find more targets (lien direct) | A new botnet is hunting down and transforming unpatched routers, DVRs, and UPnP network devices it takes over into honeypots that help it find other devices to infect. [...] | Malware | ||
|
2021-03-11 08:46:18 | Chinese state hackers target Linux systems with new malware (lien direct) | Security researchers at Intezer have discovered a previously undocumented backdoor dubbed RedXOR, with links to a Chinese-sponsored hacking group and used in ongoing attacks targeting Linux systems. [...] | Malware | ||
|
2021-03-08 15:06:34 | Hackers hiding Supernova malware in SolarWinds Orion linked to China (lien direct) | Intrusion activity related to the Supernova malware planted on compromised SolarWinds Orion installations exposed on the public internet points to an espionage threat actor based in China. [...] | Malware Threat | ||
|
2021-03-08 08:55:30 | Unpatched QNAP devices are being hacked to mine cryptocurrency (lien direct) | Unpatched network-attached storage (NAS) devices are targeted in ongoing attacks where the attackers try to take them over and install cryptominer malware to mine for cryptocurrency. [...] | Malware | ||
|
2021-03-04 14:05:09 | (Déjà vu) Microsoft reveals 3 new malware strains used by SolarWinds hackers (lien direct) | Microsoft has revealed information on newly found malware the SolarWinds hackers deployed on victims' networks as second-stage payloads. [...] | Malware | ||
|
2021-03-04 14:05:09 | Microsoft reveals new malware used by the SolarWinds hackers (lien direct) | Microsoft has revealed information on newly found malware the SolarWinds hackers deployed on victims' networks as second-stage payloads. [...] | Malware | ||
|
2021-03-04 13:04:03 | FireEye finds new malware likely linked to SolarWinds hackers (lien direct) | FireEye discovered a new "sophisticated second-stage backdoor" on the servers of an organization compromised by the threat actors behind the SolarWinds supply-chain attack. [...] | Malware | ||
|
2021-03-03 18:15:09 | CompuCom MSP confirms ongoing outage following malware incident (lien direct) | The US managed service provider CompuCom has suffered a cyberattack leading to service outages and customers disconnecting from the MSP's network to prevent the spread of malware, BleepingComputer has learned. [...] | Malware Guideline | ||
|
2021-03-01 13:10:49 | Hackers use black hat SEO to push ransomware, trojans via Google (lien direct) | The delivery system for the Gootkit information stealer has evolved into a complex and stealthy framework, which earned it the name Gootloader, and is now pushing a wider variety of malware via hacked WordPress sites and malicious SEO techniques for Google results. [...] | Malware | ||
|
2021-02-25 11:14:00 | North Korean hackers target defense industry with custom malware (lien direct) | A North Korean-backed hacking group has targeted the defense industry with custom backdoor malware dubbed ThreatNeedle since early 2020 with the end goal of collecting highly sensitive information. [...] | Malware | ||
|
2021-02-22 11:47:28 | New Silver Sparrow malware infects 30,000 Macs for unknown purpose (lien direct) | A new macOS malware known as Silver Sparrow has silently infected almost 30,000 Mac devices with malware whose purpose is a mystery. [...] | Malware | ||
|
2021-02-18 10:25:18 | US shares info on North Korean malware used to steal cryptocurrency (lien direct) | The FBI, CISA, and US Department of Treasury shared detailed info on malicious and fake crypto-trading applications used by North Korean-backed state hackers to steal cryptocurrency from individuals and companies worldwide in a joint advisory published on Wednesday. [...] | Malware | ||
|
2021-02-14 12:12:06 | Pro-India hackers use Android spyware to spy on Pakistani military (lien direct) | This week a report has revealed details on the two spyware strains leveraged by state-sponsored threat actors during the India-Pakistan conflict. The malware strains named Hornbill and SunBird have been delivered as fake Android apps (APKs) by the Confucius advanced persistent threat group (APT), a state-sponsored operation. [...] | Malware Threat | ||
|
2021-02-12 13:50:53 | Google: Gmail users from US most targeted by phishing attacks (lien direct) | Google has revealed earlier this week that Gmail users from the United States are the most popular target for email-based phishing and malware attacks. [...] | Malware | ||
|
2021-02-11 06:01:01 | TrickBot\'s BazarBackdoor malware is now coded in Nim to evade antivirus (lien direct) | TrickBot's stealthy BazarBackdoor malware has been rewritten in the Nim programming language, likely to evade detection by security software. [...] | Malware | ||
|
2021-02-09 13:09:11 | New BendyBear APT malware gets linked to Chinese hacking group (lien direct) | Unit 42 researchers today have shared info on a new polymorphic and "highly sophisticated" malware dubbed BendyBear, linked to a hacking group with known ties to the Chinese government. [...] | Malware | ||
|
2021-02-08 11:52:26 | Android app joins the dark side, sends malware update to millions (lien direct) | Google has removed a popular Android barcode scanner app with over 10 million installs from the Play Store after researchers found that it turned malicious following a December 2020 update. [...] | Malware | ||
|
2021-02-02 12:52:19 | Trickbot malware now maps victims\' networks using Masscan (lien direct) | The Trickbot malware has been upgraded with a network reconnaissance module designed to survey local networks after infecting a victim's computer. [...] | Malware | ||
|
2021-02-02 07:09:31 | New Linux malware steals SSH credentials from supercomputers (lien direct) | A new backdoor has been targeting supercomputers across the world, often stealing the credentials for secure network connections by using a trojanized version of the OpenSSH software. [...] | Malware | ||
|
2021-02-01 08:04:01 | Android emulator supply-chain attack targets gamers with malware (lien direct) | ESET researchers have discovered that an unknown threat actor has compromised the updating mechanism of NoxPlayer, an Android emulator for Windows and macOS, made by Hong Kong-based company BigNox. [...] | Malware Threat | ||
|
2021-01-29 16:04:57 | (Déjà vu) Here\'s how law enforcement\'s Emotet malware module works (lien direct) | New research released today provides greater insight into the Emotet module created by law enforcement that will uninstall the malware from infected devices in April. [...] | Malware | ||
|
2021-01-29 16:04:57 | Here\'e how law enforcement\'s Emotet malware module works (lien direct) | New research released today provides greater insight into the Emotet module created by law enforcement that will uninstall the malware from infected devices in April. [...] | Malware | ||
|
2021-01-29 14:06:49 | New Pro-Ocean malware worms through Apache, Oracle, Redis servers (lien direct) | The financially-motivated Rocke hackers are using a new piece of cryptojacking malware called Pro-Ocean to target vulnerable instances of Apache ActiveMQ, Oracle WebLogic, and Redis. [...] | Malware | APT 32 | |
|
2021-01-29 11:20:38 | Perl.com domain stolen, now using IP address tied to malware (lien direct) | The domain name perl.com was stolen this week and is now points to an IP address associated with malware campaigns. [...] | Malware | ||
|
2021-01-27 14:56:08 | (Déjà vu) Europol: Emotet malware will uninstall itself on April 25th (lien direct) | Law enforcement has started to distribute an Emotet module to infected devices that will uninstall the malware on March 25th, 2021. [...] | Malware | ||
|
2021-01-27 14:56:08 | Europol: Emotet malware will uninstall itself on March 25th (lien direct) | Law enforcement has started to distribute an Emotet module to infected devices that will uninstall the malware on March 25th, 2021. [...] | Malware | ||
|
2021-01-27 10:16:09 | Linux malware uses open-source tool to evade detection (lien direct) | AT&T Alien Labs security researchers have discovered that the TeamTNT cybercrime group upgraded their Linux crypto-mining with open-source detection evasion capabilities. [...] | Malware Tool | ★★★ |
To see everything:
Our RSS (filtrered)
